Hey there,
since update 6.1.0 the DKIM signature verification isnt working.
The response in the email-source text is :
X-DKIM-Status: fail [(adress.com) - 127.0.0.1]
X-DKIM-Status: fail [([email protected]) - 127.0.0.1]
X-DKIM-Status: fail [(adress.com) - 0.0.0.0]
X-DKIM-Status: fail [([email protected]) - 0.0.0.0]
and it should be
X-DKIM-Status: pass [(adress.com) - 127.0.0.1]
X-DKIM-Status: pass [([email protected]) - 127.0.0.1]
X-DKIM-Status: pass [(adress.com) - 0.0.0.0]
X-DKIM-Status: pass [([email protected]) - 0.0.0.0]
!IPs and adresses changed ( cause of firm intern data)
We didnt change anything expect the version.
and the key is still valid
with best regards
Just to let you know I'm looking into this - there were quite a lot of big changes in 6.1 and it looks like DKIM was affected.
Thats nice we switched back to 6.0.7 an hope it will work in the next Version :D
Good luck in finding the problem.
The same issue after upgrade from 6.0.6 to 6.1.1
Could you give the version linked from the above commit a try and let me know if it works for you?
I tested the version 3 times it still fails
Hm. When I send to https://dkimvalidator.com it works fine:
Validating Signature
result = pass
as does gmail:
Authentication-Results: mx.google.com;
dkim=pass [email protected] header.s=phpmailer2 header.b=KvtUJH+S;
Do you have any more info on the error you're getting? Can you show what's in your headers?
Hello
Failed for me too. Sent dkimvalidator results by e-mail
I've just pushed some more changes that may fix things for you (and the tests are now passing again!), please try again!
"committed 19 hours ago" - but I have just tested recently
Could you please provide direct link to new PHPmailer.php?
You're probably looking in master instead of the branch I'm pushing to. Try this one
It's failed again
Sent another results by e-mail
after updating again it still doesnt work
some more informations
DKIM-Signature: v=1; d=serveradress.de; s=dkim;
a=rsa-sha256; q=dns/txt; l=314; t=1570786249; c=relaxed/simple;
h=Date:From:Message-ID:X-Mailer:Content-Type:To:Subject:Subject;
i=florian.[email protected];
z=Date:Fri,=2011=20Oct=202019=2011:30:49=20+0200
|From:Florian=20Sobotka=20florian.sobotka@serveradress.de
|Message-ID:SLvLsdBQcow5n0VN6QF9BB8WR94pgq5YQyib5kNkhs@serveradress.serveradress.de
|X-Mailer:PHPMailer=206.1.1=20(https://github.com/PHPMailer/PHPMailer)
|Content-Type:multipart/alternative=3Bboundary=3D"b1_SLvLsdBQcow5n0VN6QF9B
B8WR94pgq5YQyib5kNkhs"
|To:florian.[email protected]
|Subject:DKIMTest
|Subject:DKIMTest;
bh=NwgjRzCs+AvQoIPjtlEPf5GAyy0F0A2lvBLwladj98w=;
b=Xl/56HsGoRrhYOrD6CR+AMqiQB8ZzJs2aJPWUUhKCh4vrCmzKGNHvcbKPAhKzRV9MmaLHtDXb
BNM4xEW0gPjnB6qgrnBlX33Nbk4ZsIyAK9VTWZ2c5DH+XlDc+U6dDcWDg6uFrgVwfb0HvSPjn
GKMk+Lzfju6XrDDHe3Gt6E1p7ZHXhcNouxqkqft+EmVVSxqpeO1gKZpnMNYGFdFrj5F2YNULm
h8w023+ROA14Pp7j/IEpk4ec5sDUB7mtmU0sZwXB2BfOhSieZihXljL9TztqzizzvVRxDv5jl
OiRPklaoHguzwNr/sBbkgP/ikpOtT3AecBfvfNAJ9dnKx+dArA==
X-DKIM-Status: fail [(serveradress.de) - 127.0.0.1]
X-DKIM-Status: fail [([email protected]) - 127.0.0.1]
X-DKIM-Status: fail [(serveradress.de) - 0.0.0.0]
X-DKIM-Status: fail [([email protected]) - 0.0.0.0]
Firm intern data changed again
Ah, I think it could be a problem in the z property. Try doing this:
$mail->DKIM_copyHeaderFields = false;
Found some other issues, please try again!
result = fail
Could you please send me a copy of the message you're sending? You can get one by doing:
$mail->preSend();
file_put_contents('message.eml', $mail->getSentMIMEMessage());
It would also be useful to see your test code so I can replicate it.
Also failing for me
output {still changing firm data @serveradress amd the {key} but i dont think you will need them}
Message:
Date: Fri, 11 Oct 2019 13:11:37 +0200
From: Florian Sobotka <[email protected]>
Message-ID: <Igc2Fglm8cgAPX5vdkgZkXueYtVBpu8HqcK27gk@serveradress.serveradress.de>
X-Mailer: PHPMailer 6.1.1 (https://github.com/PHPMailer/PHPMailer)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_Igc2Fglm8cgAPX5vdkgZkXueYtVBpu8HqcK27gk"
Content-Transfer-Encoding: 8bit
DKIM-Signature: v=1; d=serveradress.de; s=dkim;
a=rsa-sha256; q=dns/txt; l=305; t=1570792297; c=relaxed/simple;
h=Date:From:Message-ID:X-Mailer:Content-Type:To:Subject;
[email protected];
z=Date:Fri,=2011=20Oct=202019=2013:11:37=20+0200
|From:Florian=20Sobotka=20<[email protected]>
|Message-ID:<Igc2Fglm8cgAPX5vdkgZkXueYtVBpu8HqcK27gk@serveradress.serveradress.
de>
|X-Mailer:PHPMailer=206.1.1=20(https://github.com/PHPMailer/PHPMailer)
|Content-Type:multipart/alternative=3Bboundary=3D"b1_Igc2Fglm8cgAPX5vdkgZk
XueYtVBpu8HqcK27gk"
|To:[email protected]
|Subject:DKIMTest;
bh={key}
To: [email protected]
Subject: DKIMTest
This is a multi-part message in MIME format.
--b1_Igc2Fglm8cgAPX5vdkgZkXueYtVBpu8HqcK27gk
Content-Type: text/plain; charset=us-ascii
DKIM Test
--b1_Igc2Fglm8cgAPX5vdkgZkXueYtVBpu8HqcK27gk
Content-Type: text/html; charset=us-ascii
DKIM Test
--b1_Igc2Fglm8cgAPX5vdkgZkXueYtVBpu8HqcK27gk--
Is there really a blank line between that bh={key} line and the To header? This is why I was asking to have the message written directly to disk - we are looking for very small discrepancies, and any alterations (for example changing the line break format, as happens when pasting into github) will mean the data can't be trusted. Did you try with $mail->DKIM_copyHeaderFields = false; as well?
Yeah the blank line is really there i didnt change anything at the format tryed it with copy header fields and its still fails here is the code
$mail = new PHPMailer;
$debug = '';
$mail->Debugoutput = function($str, $level) {
$GLOBALS['debug'] .= "$level: $str\n";
};
$mail->setFrom('[email protected]', 'Florian Sobotka');
$mail->addAddress('[email protected]');
$mail->Subject = 'DKIMTest';
$mail->msgHTML('DKIM Test');
$mail->DKIM_copyHeaderFields = false;
$mail->DKIM_domain = 'serveradress.de';
$mail->DKIM_private = 'dkim.pem';
$mail->DKIM_selector = 'dkim';
$mail->DKIM_passphrase = '';
$mail->DKIM_identity = $mail->From;
$mail->preSend();
file_put_contents('message.eml', $mail->getSentMIMEMessage());
//...later
echo $debug;
if (!$mail->send()) {
echo "Mailer Error: " . $mail->ErrorInfo;
} else {
echo "Message sent!";
}
More changes pushed for this - please try again.
result = pass
for me the result fails
Date: Mon, 14 Oct 2019 15:45:25 +0200
From: Florian Sobotka <[email protected]>
Message-ID: <5mGRxU4EcRUVQZaeYf5gMHQuORph66C1SyzwZPOOs8I@serveradress.serveradress.de>
X-Mailer: PHPMailer 6.1.1 (https://github.com/PHPMailer/PHPMailer)
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="b1_5mGRxU4EcRUVQZaeYf5gMHQuORph66C1SyzwZPOOs8I"
Content-Transfer-Encoding: 8bit
DKIM-Signature: v=1; d=serveradress.de; s=dkim;
a=rsa-sha256; q=dns/txt; l=317; t=1571060725; c=relaxed/simple;
h=Date:From:Message-ID:X-Mailer:Content-Type:To:Subject;
[email protected];
bh=qN7Mjy0BtKhkCC5FYwTwq0NxL2ViQ7UrWzh6GYluqO4=;
b={key}
To: [email protected]
Subject: DKIMTest
This is a multi-part message in MIME format.
--b1_5mGRxU4EcRUVQZaeYf5gMHQuORph66C1SyzwZPOOs8I
Content-Type: text/plain; charset=us-ascii
DKIM Test
--b1_5mGRxU4EcRUVQZaeYf5gMHQuORph66C1SyzwZPOOs8I
Content-Type: text/html; charset=us-ascii
DKIM Test
--b1_5mGRxU4EcRUVQZaeYf5gMHQuORph66C1SyzwZPOOs8I--
There's no way for me to test a message that you have generated (and edited) because I can't get your public key.
Gone send you the full message to your email
I just updated a project from v5.2.14 to the latest 6.1.0 and I'm facing the same issue. I also tried your fork with the version number 6.0.1.
The message I get via dkimvalidator.com is "result = fail / Details: message has been altered".
SmarterMail DKIM Test says; Failed - Bad Signature
MailBee.NET DKIM Test says: Failed - SignatureInvalid
Office 365 says: dkim=fail (signature did not verify)
When switching back to v5.2.14 it's working fine.
How can I contribute to solving this issue?
Try the dkimrevision branch as that's where work on this issue is happening.
Yes, thank you, this one works!
Edit: I'm sorry I have been too fast. It works now with https://www.appmaildev.com/en/dkim and https://dkimvalidator.com. But Office 365 still insists that:
dkim=fail (body hash did not verify)
I'm going to test it again tomorrow, Maybe a caching issue...
We're not quite there yet - @Florian-Sobotka is still reporting issues with it (he sent me a test email), but I've not had time to look at that yet.
While I'm here, I should mention that I've been working on this side project which is proving quite helpful in diagnosing DKIM signature problems without having to use external testing services.
I just checked it with your tool and also got a positive response. Don't know what the problem with Office 365 is...
Edit: Just found a solution thanks to this entry:
https://github.com/PHPMailer/PHPMailer/issues/892#issuecomment-265116565
The _$mail->Encoding = 'quoted-printable';_ part did it for O365. :-)
Thank you so much for all the hard work!! Can we expect these fixes to be released soon? Wondering if I should revert back to pre-6.1.0 in te meanwhile or just sit this one out..
Tested the dkimrevision branch commit 694b911 successful btw. on SpamAssassin report, gmail, outlook, O365 and Thunderbird
I've merged these changes to master - even if it's not quite perfect yet, its a big improvement on what was there! It will go out in the next release, which I should be able to do soon, but please test latest master branch in the mean time.
I tested the master with latest commit (564f139) and it works perfect
I'm trying to get dkim working for some days, but it seems not to work at all.
from https://dkimvalidator.com/results:
Message contains this DKIM Signature:
DKIM-Signature: v=1; d=myserver.de; s=phpmailer;
a=rsa-sha256; q=dns/txt; l=347; t=1573377331; c=relaxed/simple;
h=Date:To:From:Subject:Message-ID:X-Mailer:Content-Type;
i=thomas.[email protected];
bh=H23lqnan2fKJUuAJZ6DOQVBF5UycWqwRsSJ4QYFn8VA=;
b=
there seems to be no signature (b=) at all.
my setup:
$mail = new PHPMailer();
$mail->IsSMTP();
$mail->SMTPAuth = true;
$mail->Host = $mailHost;
$mail->Port = $mailPort;
$mail->Username = $mailUsername;
$mail->Password = $mailPassword;
$mail->DKIM_domain = 'myserver.de';
$mail->DKIM_private = '/path to private/';
$mail->DKIM_selector = 'phpmailer';
$mail->DKIM_passphrase = '';
//The identity you're signing as - usually your From address
$mail->DKIM_identity = $data['from_mail'];
//Suppress listing signed header fields in signature, defaults to true for debugging purpose
$mail->DKIM_copyHeaderFields = false;
$mail->CharSet = 'UTF-8';
Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=M....
I've copied the private key to an editor and saved as txt file
might be, I'm right here, please give me a hint, if I'm wrong.
cheers
thomas
Thomas, you should enable debugging and check the output. Without full email and/or logging output it is like flying blind.
My first guess is the function DKIM_Sign will throw an exception.
Are you using the DKIM master merge (564f139) or dkim branch version? Because I have tested those intensively and they work.
so here I am on debugging:
Message: openssl_sign(): supplied key param cannot be coerced into a private key
Filename: src/PHPMailer.php
Line Number: 4465
Backtrace:
File: /...path /PHPMailer.php
Line: 4465
Function: openssl_sign
$mail->DKIM_private = '/path to private/' leads to empty $privKeyStr in function DKIM_Sign in line 4450
using $mail->DKIM_private = '/path/private.txt file submits the data, but leads to the message "supplied key param cannot be coerced into a private key
"
Are you setting DKIM_private to a path that points at a _valid_ private key? Don't assume it's correct, check it.
There are not many pages I didn't check for that in the last days.
Please help by a link or hint, I just can't find anything to test the private key, about formatting etc.
the public key is tested and seems to be valid.
sorry & thanks
Take a look at the way it's done in the unit test - try running that and compare the contents of your private key file with the one it generates.
thank you synchro!
"try running" is a good word for running the files without docs, no direct access (and thus no experience) with the server to install the entire system. (a shared server)
however, if somebody else is coming along due to the initial topic: I've copied this to a function in my mvc: - mail library:
$domain = 'myservername.de';
$selector = 'phpmailer';
//Private key filename for this selector
$privatekeyfile = $selector . '_dkim_private.pem';
//Public key filename for this selector
$publickeyfile = $selector . '_dkim_public.pem';
if (file_exists($privatekeyfile)) {
echo "Using existing keys - if you want to generate new keys, delete old key files first.\n\n";
$privatekey = file_get_contents($privatekeyfile);
$publickey = file_get_contents($publickeyfile);
} else {
//Create a 2048-bit RSA key with an SHA256 digest
$pk = openssl_pkey_new(
[
'digest_alg' => 'sha256',
'private_key_bits' => 2048,
'private_key_type' => OPENSSL_KEYTYPE_RSA,
]
);
//Save private key
openssl_pkey_export_to_file($pk, $privatekeyfile);
//Save public key
$pubKey = openssl_pkey_get_details($pk);
$publickey = $pubKey['key'];
file_put_contents($publickeyfile, $publickey);
}
and copied the keys to DNS and server, respectively.
the value
$mail->DKIM_private = PATH."mail/phpmailer610/pass/phpmailer_dkim_private.pem";
points to the file name, not just the path
and ...
DKIM check: pass
thank you again, it was the right help for fixing it by myself.
cheers
thomas
thank you again, it was the right help for fixing it by myself.
Thanks - We're all here to learn!